Response to Official Action 
Dated 19 October 2007 
Re: USSN 10/643,306 
Page 2 

Please amend the claims to read as indicated in the following list of 
claims: 

1. [Previously presented] A method of controlling 
processing of data in a computer apparatus, wherein the 
data comprises a plurality of usage rules for a plurality 
of data items stored by said computer apparatus, and 
comprising : 

applying individualised usage rules to each of the 
data items based on a measurement of integrity of a 
computing entity to which the data items are to be made 
available, said data items being logically grouped together 
as a set of data items, and 

instantiating the set of data items at the computing 
entity depending upon the integrity of the computing entity 
and the usage rule applicable to each data item in said 
set . 

2. [Original] A method as claimed in claim 1, in which at 
least some of the usage rules comprise masking instructions 
for masking the associated data items. 

3. [Original] A method as claimed in claim 2, in which a 
data item is masked from a set of data by encrypting it. 

4. [Original] A method as claimed in claim 3, in which a 
data item is encrypted with an associated encryption key, 
said encryption key being different for different ones of 
the data items. 
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5. [Original] A method as claimed in claim 1, in which the 
usage rules define security rules for the associated data 
item. 

6. [Original] A method as claimed in claim 1, in which the 
data may be transferred between a plurality of computing 
entities and the instantiation of the data at each 
computing entity depends on the capabilities of that 
entity. 

7. [Original] A method as claimed in claim 6, in which a 
computing entity is a computing platform. 

8. [Original] A method as claimed in claim 6, in which the 
computing entity is a software process. 

9. [Original] A method as claimed in claim 1, in which a 
computing entity can reliably and irrevocably deny future 
access to selected data items. 

10. [Original] A method as claimed in claim 9, in which 
means for accessing the data is stored within a protected 
memory. 

11. [Original] A method as claimed in claim 10, in which 
the protected memory is within a trusted computing module. 

12. [Original] A method as claimed in claim 1, in which 
computing entities negotiate with one another concerning 
the use of the data before the data is made available. 
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13. [Original] A method as claimed claim 1, in which the 
data has constraints defining conditions for use of the 
data . 

14. [Original] A method as claimed in claim 13, in which 
the constraints define at least one item selected from: 

a. the purpose for which the data can be used 

b. the geographical area in which the data may be 
manifested 

c. the temporal domain in which the data may be 
manifested 

d. the computing platforms that may manipulate the 

data . 

15. [Original] A method as claimed in claim 1 in which the 
data further includes test data. 

16. [Original] A method as claimed in claim 15, in which 
the structure of test data is comparable to the structure 
of real data contained by the data items. 

17. [Original] A method as claimed in claim 16, in which 
the results of operations performed on the test data are 
examined in order to make a decision on whether to release 
the real data to a node that operated on the test data. 

18. [Original] A method as claimed in claim 1, in which a 
node requesting access to the data supplies -hostage 
material to the node issuing the data prior to the issuance 
of the data. 
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19. [Original] A method as claimed in claim 18, in which a 
third party hostage release authority is contacted to 
activate the hostage material. 

20. [Original] A method as claimed in claim 1 in which a 
node finding itself in possession of data whose history or 
content do not meet predetermined requirements, formats the 
data and places it in a repository. 

21. [Original] A method as claimed in claim 20, in which 
the data placed in the repository is in an encrypted form. 

22. [Original] A method as claimed in claim 21, in which 
the data is encrypted using a public key included in the 
data . 

23. [Previously presented] A method as claimed in claim 
21, in which the data in the repository is associated with 
an identification means to enable the owner of the data to 
identify it. 

24. [Original] A method as claimed in claim 1, in which a 
node wishing to present the data for retrieval places the 
data in a repository. 

25. [Original] A method as claimed in claim 24, in which 
the data is placed in the repository in encrypted form. 

26. [Original] A method as claimed in claim 25, in which 
the data is encrypted using a public key included in the 
data . 
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27. [Original] A method as claimed in claim 26, in which 
the data in the repository is associated with 
identification means to enable the owner of the data to 
identify it. 

28. [Original] A method as claimed in claim 1, in which 
constraints associated with the data determine whether the 
data will process on anything other than a trusted 
computing platform. 

29. [Original] A method as claimed in claim 28, in which 
constraints associated with the data determine whether the 
data and/or results from processing the data are inhibited 
from viewing by a computing platform owner or 
administrator . 

30. [Original] A method as claimed in claim 1 in which the 
security contracts are stored separately from the data. 

31. [Original] A method as claimed in claim 1 in which mask 
or decryption keys are stored separately from the data. 

32. [Original] A method as claimed in claim 1 in which a 
computing entity that receives data signs the data with a 
signature key belonging to that entity. 

33. [Previously presented] A method of controlling 
processing of data, wherein the data comprises a plurality 
of rules associated with a plurality of data items 
comprising a set of logically related data items, each data 
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item in the set having a rule associated therewith, said 
rules acting to individually define usage and/or security 
to be observed when processing each of the data items in 
the set of data items, and in which forwarding of the set 
of data items is performed in accordance with mask means 
provided in association with the rules. 

34. [Original] A method as claimed in claim 33, in which 
the mask comprises at least one of a symmetric encryption 
string, symmetric encryption key, and an asymmetric 
encryption key. 

35. [Original] A method as claimed in claim 33, in which 
the rules associated with the data items are adhered to in 
preference to data handling rules associated with a 
computing entity processing the data. 

36. [Original] A method as claimed in claim 33, in which at 
least some of the rules comprise masking instructions for 
masking the associated data items. 

37. [Original] A method as claimed in claim 36, in which a 
data item is masked from a set of data by encrypting it. 

38. [Original] A method as claimed in claim 37, in which a 
data item is encrypted with an associated encryption key, 
said encryption key being different for different ones of 
the data items. 

39. [Original] A method as claimed in claim 33 in which the 
data may be transferred between computing entities and the 



Response to Official Action 
Dated 19 October 2007 
Re: USSN 10/643,306 
Page 8 

instantiation of the data at each computing entity depends 
on the capabilities of the entity. 

40. [Previously presented] A method as claimed in claim 
33, in which the rules define at least one item selected 
from: 

a. the purpose for which the data can be used 

b. the geographical area in which the data may be 
manifested 

c. the temporal domain in which the data may be 
manifested 

d. the computing platforms that may manipulate the 

data . 

41. [Original] A method as claimed in claim 33 in which the 
data further includes test data, the test data is 
comparable to the structure of real data contained by the 
data items, and in which the results of operations 
performed on the test data are examined in order to make a 
decision on whether to release the real data to node that 
operated on the test data. 

42. [Original] A method as claimed in claim 33, in which a 
computing entity finding itself in possession of data whose 
history or content do not meet predetermined requirements, 
or wishing to make data available because it has performed 
some processing in at least partially masked form, formats 
the data places it in a repository. 
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43. [Previously presented] A computer program stored on 
computer readable media for instructing a programmable 
computer to implement a method of controlling the 
processing of data, wherein the data comprises a plurality 
of usage rules for a plurality of data items, the 
programmable computer being programmed to apply 
individualised usage rules to each of the data items based 
on a measurement of integrity of a computing entity to 
which the data items are to be made available, the computer 
program permitting instantiation of the data items at the 
computing entity only if the integrity of the computing 
entity complies with the individualised usage rules 
associated with said data items. 

Claim 44 - 49. Cancelled. 

50. [Previously presented] A computer apparatus for 
controlling processing of data, wherein the data comprises 
a plurality of usage rules for a plurality of data items 
stored by said computer apparatus, said computer apparatus 
controlling instantiation of the data at a computing 
entity, said computer apparatus including: 

programming for applying individualised usage rules to 
each of the data items based on a measurement of integrity 
of the computing entity to which the data items are to be 
made available, said data items being logically grouped 
together as a set of data items, and 

programming for individually instantiating data items 
in the set of data items at the computing entity as a 
function of the integrity of the computing entity and the 
usage rule applicable to each data item in said set. 



